sunn1day

3 exploits Active since May 2019
CVE-2018-14714 NOMISEC CRITICAL WORKING POC
ASUS RT-AC3200 <3.0.0.4.382.50010 - Command Injection
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.
18 stars
CVSS 9.8
CVE-2020-36109 NOMISEC CRITICAL WORKING POC
Asus Rt-ax86u Firmware < 9.0.0.4_386 - Buffer Overflow
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data.
17 stars
CVSS 9.8
CVE-2018-14714 NOMISEC CRITICAL WORKING POC
ASUS RT-AC3200 <3.0.0.4.382.50010 - Command Injection
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.
9 stars
CVSS 9.8